This a web application which demonstrates common security vulnerabilities and asks users to secure the application against these vulnerabilities using the ESAPI library.

The application is intended for Java Developers. The goal of the application is to teach developers about the functionality of the ESAPI library and give users a practical understanding of how it can be used to protect web applications against common security vulnerabilities.

In addition to demonstrating the features of the ESAPI library, we felt it would be useful for developers to work out labs where they are presented with common security vulnerabilities and use ESAPI resolve the issues. We tried to cover as many of the OWASP Top 10 as possible in the labs and changed the grouping of the chapters to map to ASVS verification requirements. We were conscious of the fact that the OWASP Web Goat application already demonstrates the OWASP Top 10 vulnerabilities, but felt that this version of SwingSet could offer developers a chance to learn how to code to prevent these vulnerabilities while using ESAPI.